How to Report Security Vulnerabilities to Resilio, Inc.

If you are an Resilio, Inc. customer, please submit a service request for any security vulnerability you believe you have discovered in an Resilio, Inc. product (Resilio Sync and Resilio Connect Product lines or the Resilio Webpage)

If you are not a customer or partner, please email security@resilio.com with your findings. We encourage people who contact the Resilio Security Team to use email encryption, using the encryption key below. Resilio, Inc. values the members of the independent security research community who find security vulnerabilities and work with Resilio, Inc. so that security fixes can be issued to all customers.

Resilio Inc’s policy is to credit all researchers in the Security Advisory document when a fix for the reported security bug is issued. Resilio, Inc. does not credit employees or contractors of Resilio, Inc. for vulnerabilities they have found.In order to receive credit, security researchers must follow responsible disclosure practices, including:

They do not publish the vulnerability prior to Resilio, Inc. releasing a fix for the vulnerability

They do not divulge exact details of the issue, for example, through exploits or proof-of-concept code